Query Security Reports
Function
This API is used to query security reports.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/report/{report_id}
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. You can query the assets of a project by project ID. You can obtain the project ID from the API or console. For details, see Obtaining a Project ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
report_id |
Yes |
String |
Definition Security report ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
fw_instance_id |
Yes |
String |
Definition Firewall ID. It is a unique ID generated after a firewall instance is created. You can obtain the firewall ID by referring to Obtaining a Firewall ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
report_profile_id |
Yes |
String |
Definition Security report template ID. Constraints N/A Range 32-bit UUID. Default Value N/A |
Request Parameters
None
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
data |
FirewallReport object |
Parameter |
Type |
Description |
---|---|---|
attack_info |
AttackReport object |
Definition Security event details. Range N/A |
category |
String |
Definition Report type. Range N/A |
internet_firewall |
InternetReport object |
Definition Internet border firewall. Range N/A |
send_time |
Long |
Definition Sending time. Range N/A |
statistic_period |
StatisticPeriod object |
Definition Statistical scope. Range N/A |
vpc_firewall |
VpcReport object |
Definition VPC border firewall. Range N/A |
Parameter |
Type |
Description |
---|---|---|
dst_ip |
Array of ItemVO objects |
Definition Top attack target IP addresses. Range N/A |
ips_mode |
Integer |
Definition Intrusion prevention status. Range N/A |
level |
Array of ItemVO objects |
Definition Attack severity distribution. Range N/A |
rule |
Array of ItemVO objects |
Definition Top attack rules. Range N/A |
src_ip |
Array of ItemVO objects |
Definition Top source IP addresses. Range N/A |
trend |
Array of TrendVO objects |
Definition Attack trend. Range N/A |
type |
Array of ItemVO objects |
Definition Top attack distribution. Range N/A |
Parameter |
Type |
Description |
---|---|---|
eip |
Eip object |
Definition EIP protection status. Range N/A |
in2out |
In2Out object |
Definition Outbound traffic. Range N/A |
out2in |
Out2in object |
Definition Inbound traffic. Range N/A |
overview |
Overview object |
Definition Overview. Range N/A |
traffic_trend |
Array of TrendVO objects |
Definition Traffic trend. Range N/A |
Parameter |
Type |
Description |
---|---|---|
protected |
ChangedVO object |
Definition Protection status. Range N/A |
total |
Integer |
Definition Number of EIPs. Range N/A |
Parameter |
Type |
Description |
---|---|---|
dst_host |
Array of ItemVO objects |
Definition Top accessed domain names. Range N/A |
dst_ip |
Array of ItemVO objects |
Definition Top destination IP addresses. Range N/A |
dst_port |
Array of ItemVO objects |
Definition Top accessed ports. Range N/A |
src_ip |
Array of ItemVO objects |
Definition Top access source IP addresses. Range N/A |
Parameter |
Type |
Description |
---|---|---|
dst_ip |
Array of ItemVO objects |
Definition Top destination IP addresses. Range N/A |
dst_port |
Array of ItemVO objects |
Definition Top open ports. Range N/A |
src_ip |
Array of ItemVO objects |
Definition Top access source IP addresses. Range N/A |
Parameter |
Type |
Description |
---|---|---|
end_time |
Long |
Definition End time. Constraints N/A Range Milliseconds-level timestamp. Default Value N/A |
start_time |
Long |
Definition End time. Constraints N/A Range Milliseconds-level timestamp. Default Value N/A |
Parameter |
Type |
Description |
---|---|---|
app |
Array of ItemVO objects |
Definition Number of top applications. Range N/A |
dst_ip |
Array of ItemVO objects |
Definition Top destination IP addresses. Range N/A |
overview |
Overview object |
Definition Overview. Range N/A |
src_ip |
Array of ItemVO objects |
Definition Top access source IP addresses. Range N/A |
traffic_trend |
Array of TrendVO objects |
Definition Traffic trend. Range N/A |
vpc |
Vpc object |
Definition VPC protection statistics. Range N/A |
Parameter |
Type |
Description |
---|---|---|
access_policies |
AccessPolicy object |
Definition Access control policy. Range N/A |
assets |
ChangedVO object |
Definition Number of assets. Range N/A |
attack_event |
AttackEvent object |
Definition Threat event. Range N/A |
traffic_peak |
TrendVO object |
Definition Peak traffic. Range N/A |
Parameter |
Type |
Description |
---|---|---|
changed |
Integer |
Definition Number of changes. Range N/A |
eip |
Integer |
Definition EIP access control policy. Range N/A |
nat |
Integer |
Definition NAT access control policy. Range N/A |
total |
Integer |
Definition Total number. Range N/A |
Parameter |
Type |
Description |
---|---|---|
changed |
Integer |
Definition Number of changes. Range N/A |
deny |
Integer |
Definition Number of blocked objects. Range N/A |
total |
Integer |
Definition Total number. Range N/A |
Parameter |
Type |
Description |
---|---|---|
agg_time |
Long |
Definition Aggregation time. Range N/A |
bps |
Double |
Definition Bandwidth. Range N/A |
deny |
Long |
Definition Number of blocked objects. Range N/A |
in_bps |
Double |
Definition Inbound bps. Range N/A |
out_bps |
Double |
Definition Outbound bps. Range N/A |
permit |
Long |
Definition Allowed quantity. Range N/A |
Parameter |
Type |
Description |
---|---|---|
key |
String |
Definition Aggregation item. Range N/A |
name |
String |
Definition Aggregation item name. Range N/A |
value |
Long |
Definition Statistical value. Range N/A |
Parameter |
Type |
Description |
---|---|---|
protected |
ChangedVO object |
Definition Protection statistics. Range N/A |
total |
Integer |
Definition Total number. Range N/A |
Parameter |
Type |
Description |
---|---|---|
changed |
Integer |
Definition Number of changes. Range N/A |
total |
Integer |
Definition Number of changes. Range N/A |
value |
Integer |
Definition Quantity. Range N/A |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Definition Error code. Range N/A |
error_msg |
String |
Definition Error message. Range N/A |
Example Requests
Query a security report. The project ID is eb7accd78ea845078275b2ad5280a109, firewall ID is 8a996d43-75bd-48b4-b1b8-de0706b72b8f, template ID is e8f43868-d6e7-43a7-aa7f-dda0292f4785, and report ID is b07861af-3468-4d4e-b39b-30c9ca516888.
https://{Endpoint}/v1/eb7accd78ea845078275b2ad5280a109/report/b07861af-3468-4d4e-b39b-30c9ca516888?report_profile_id=e8f43868-d6e7-43a7-aa7f-dda0292f4785&fw_instance_id=8a996d43-75bd-48b4-b1b8-de0706b72b8f
Example Responses
Status code: 200
OK
{ "data" : { "attack_info" : { "dst_ip" : [ { "key" : "120.52.95.246", "value" : 47 } ], "ips_mode" : 1, "level" : [ { "key" : "CRITICAL", "value" : 119 } ], "rule" : [ { "key" : "Realtek Jungle SDK Command Injection Vulnerability (CVE-2021-35394)", "value" : 30 } ], "src_ip" : [ { "key" : "120.46.56.58", "value" : 66 } ], "trend" : [ { "agg_time" : 1748966700000, "deny" : 2, "permit" : 1 } ], "type" : [ { "key" : "Vulnerability Exploit Attack", "value" : 30 } ] }, "category" : "custom", "internet_firewall" : { "eip" : { "protected" : { "value" : 3 }, "total" : 5 }, "in2out" : { "dst_host" : [ { "key" : "repo.huaweicloud.com", "value" : 58511700 } ], "dst_port" : [ { "key" : "22", "value" : 12062960684 } ], "src_ip" : [ { "key" : "172.18.0.90", "value" : 12062961860 } ] }, "out2in" : { "dst_ip" : [ { "key" : "120.46.56.58", "value" : 41828474 } ], "dst_port" : [ { "key" : "23", "value" : 925712 } ], "src_ip" : [ { "key" : "114.116.217.114", "value" : 4008768 } ] }, "overview" : { "access_policies" : { "eip" : 18, "nat" : 105, "total" : 123 }, "assets" : { "total" : 5 }, "attack_event" : { "deny" : 30, "total" : 119 }, "traffic_peak" : { "in_bps" : 2381284, "out_bps" : 3977 } }, "traffic_trend" : [ { "agg_time" : 1748966400000, "bps" : 0, "in_bps" : 3238, "out_bps" : 808 } ] }, "send_time" : 1749698298872, "statistic_period" : { "end_time" : 1749657599999, "start_time" : 1748966400000 }, "vpc_firewall" : { "app" : [ { "key" : "SSH", "value" : 33901440538 }, { "key" : "PING", "value" : 784 } ], "dst_ip" : [ { "key" : "172.17.0.192", "value" : 33900674752 }, { "key" : "172.18.0.90", "value" : 766570 } ], "overview" : { "access_policies" : { "total" : 10 }, "assets" : { "total" : 17 }, "attack_event" : { "deny" : 0, "total" : 0 }, "traffic_peak" : { "bps" : 711475757 } }, "src_ip" : [ { "key" : "172.18.0.90", "value" : 33900674752 }, { "key" : "172.17.0.192", "value" : 766570 } ], "traffic_trend" : [ { "agg_time" : 1748966400000, "bps" : 0, "in_bps" : 0, "out_bps" : 0 } ], "vpc" : { "protected" : { "value" : 2 }, "total" : 17 } } } }
Status code: 400
Bad Request
{ "error_code" : "CFW.00200003", "error_msg" : "Parameter error." }
Status Codes
Status Code |
Description |
---|---|
200 |
OK |
400 |
Bad Request |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot